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AMENDMENTS TO THE CLAIMS 

This listing of claims replaces all prior versions, and listings, of claims in the application: 
Listing of Claims: 

1. (Currently Amended) In a local server that receives data from one or more remote 
entities over a data transport protocol, a method of applying a cryptographically secure hash to packets 
from unverified remote entities for preventing denial of service attacks on lookup tables used to store 
state information for one or more remote entities, while maintaining the performance of the local 
server for packets from verified remote entities, the method comprising the acts of: 

receiving a packet of data from a remote entity that includes connection identifier 

information; 

hashing at least a portion of the connection identifier information using a first hash 
function to generate a first hash, the first hash identifying an entry in a first table of verified 
remote entities, the first table for storing remote entities that have a confirmed connection 
identifier; 

determining when state information for the remote entity exists at the entry in the first 
table of verified remote entities, and performing standard data transport protocol on the packet 
of data; and 

determining when state information for the remote entity does not exist in the first table 
of verified remote entities and performing the following: 

hashing at least a portion of the connection identifier information using a 
second hash function that is cryptographically secure to generate a second hash, the 
second hash function having a lower probability than the first hash function of 
generating an identical hash for connection identifier information from more than one 
remote entity, the second hash identifying a second entry in a second table of 
unverified remote entities, the second table for storing remote entities that do not have 
a confirmed connection identifier; 

determining when state information for the remote entity exists at the second 
entry in the second table of unverified remote entities, and comparing secret 
information provided received w ithin the packet of data with other information which 
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had been p reviously supplied to the remote entit y by the local server for determining if 
the remote entity can be verified such that state information can be moved to the first 
table of verified remote entities; and 

determining when state information for the remote entity does not exist in the 
second table of unverified remote entities and checking whether the local server is a 
listener that may accept the packet of data from the remote entity for determining when 
the state information for the remote entity should be created in the second table of 
unverified remote entities. 

2. (Cancelled). 

3. (Previously Presented) The method of claim 1, wherein the standard data 
transport protocol is transmission control protocol. 

4. (Previously Presented) The method of claim 1, wherein when state information 
for the remote entity exists in the second table of unverified remote entities, but the remote entity 
cannot be verified, the method further comprises the act of: 

checking if the packet includes a synchronization message for determining how to respond to 
the unverified remote entity. 

5. (Original) The method of the claim 4, wherein if the packet of data includes a 
synchronization message, the local server responds by either sending a synchronization- 
acknowledgement packet or by deleting the packet. 

6. (Previously Presented) The method of the claim 4, wherein if the packet of data 
does not include a synchronization message, the local server responds by one or more of the 
following: deleting the packet, retransmitting the original message to the remote entity or removing 
the state information from the second table of unverified remote entities. 
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7. (Previously Presented) The method of claim 1, wherein the first hash function is 
also a cryptographically secured hash function. 

8. (Original) The method of claim 7, wherein the first and second hash functions are 
one of hardware based or software based. 

9. (Previously Presented) The method of claim 1, wherein when state information 
for the remote entity does not exist in either the first table of verified remote entities or the second 
table of unverified remote entities, and wherein the server is a listener that may accept the package of 
data from the remote entity, the method further comprising the acts of: 

creating state information for the remote entity within the second table of unverified remote 
entities; and 

sending a synchronization-acknowledgement packet that includes an initial sequence number 
to the remote entity. 

10. (Previously Presented) The method of claim 1, wherein when state information 
for the remote entity does not exist in either the first table of verified entities or the second table of 
unverified entities, and the server is not a listener that may accept the package of data from the remote 
entity, the method further comprises the act of: 

sending a reset command to the remote entity for indicating that the packet was not verifiable 
and needs to be resent. 

11. (Previously Presented) The method of claim 1, wherein the remote entity 
becomes verified by sharing a secret sent to the remote entity by the local server. 
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12. (Previously Presented) In a local server that receives data from one or more 
remote entities over a data transport protocol, a method of applying a cryptographically secure hash to 
packets from unverified remote entities for preventing denial of service attacks on lookup tables used 
to store state information for one or more remote entities, while maintaining the performance of the 
local server for packets from verified remote entities, the method comprising: 

an act of receiving a packet of data from a remote entity that includes connection identifier 
information; 

an act of hashing at least a portion of the connection identifier information using a first hash 
function to generate a first hash, the first hash identifying an entry in a first table of verified remote 
entities, the first table for storing remote entities that have a confirmed connection identifier; 

a step for determining when state information exists for the remote entity in the first table of 
verified remote entities; when the state information for the remote entity does not exist in the first 
table of verified remote entities, performing the following: 

an act of hashing at least a portion of the connection identifier information using a 
second hash function that is cryptographically secure to generate a second hash, the second 
hash function having a lower probability than the first hash function of generating an identical 
hash for connection identifier information from more than one remote entity, the second hash 
identifying a second entry in a second table of unverified remote entities, the second table for 
storing remote entities that do not have a confirmed connection identifier; 

a step for determining when state information exists for the remote entity in the second 
table of unverified remote entities; 

when the state information exists in the second table of unverified remote entities, a step for 
determining when the remote entity can be verified such that state information can be moved to the 
first table of verified remote entities; and 

when state information does not exist in the second table of unverified remote entities; a step 
for determining when state information for the remote entity should be created in the second table of 
unverified remote entities. 
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13. (Previously Presented) The method of claim 12, wherein when the state 
information for the remote entity does exist in the first table of verified remote entities, standard data 
transport protocol processing is performed. 

14. (Original) The method of claim 13, wherein the standard data transport protocol is 
transmission control protocol. 

15. (Previously Presented) The method of claim 12, wherein when the state 
information exists in the second table of unverified remote entities, but the remote entity cannot be 
verified, the method further comprises the act of: 

checking if the packet includes a synchronization message for determining how to respond to 
the unverified remote entity. 

16. (Original) The method of the claim 15, wherein if the packet of data includes a 
synchronization message, the local server responds by either sending a synchronization- 
acknowledgement packet or by deleting the packet. 

17. (Previously Presented) The method of the claim 15, wherein if the packet of data 
does not include a synchronization message, the local server responds by one or more of the 
following: deleting the packet, retransmitting the original message to the remote entity or removing 
the state information from the second table of unverified remote entities. 

18. (Cancelled) 

19. (Original) The method of claim 18, wherein the first hash function is also a 
cryptographically secured hash function, and wherein the first and second hash functions are one of 
either hardware based or software based. 
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20. (Previously Presented) The method of claim 12, wherein when state information 
does not exist in either the first table of verified remote entities or the second table of unverified 
remote entities, and wherein the step for determining when state information for the remote entity 
should be created in the second table of unverified remote entities includes the act of checking 
whether the local server is a listener that may accept the package of data from the remote entity, the 
method further comprising the acts of: 

creating state information for the remote entity within the second table of unverified remote 
entities; and 

sending a synchronization-acknowledgement packet that includes an initial sequence number 
to the remote entity. 

2 1 . (Previously Presented) The method of claim 1 2, wherein when state information 
does not exist in either the first table of verified entities or the second table of unverified entities, the 
step for determining if state information for the remote entity should be created in the second table of 
unverified remote entities includes the act of checking whether the local server is a listener that may 
accept the package of data from the remote entity, and the server is not a listener that may accept the 
package of data from the remote entity, the method further comprising the act of: 

sending a reset command to the remote entity for indicating that the packet was not verifiable 
and needs to be resent. 
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22. (Previously Presented) For a local server that receives data from one or more 
remote entities over a data transport protocol, a computer program product comprising computer 
readable storage media storing computer executable instructions that implement the method recited in 
claim 1. 

23. (Previously Presented) The computer program product of claim 22, wherein 
when the state information for the remote entity exists in the second table of unverified remote 
entities, but the remote entity cannot be verified, the method further comprises the act of: 

checking if the packet includes a synchronization message for determining how to respond to 
the unverified remote entity. 

24. (Original) The computer program product of the claim 23, wherein if the packet of 
data includes a synchronization message, the local server responds by either sending a 
synchronization-acknowledgement packet or by deleting the packet. 

25. (Previously Presented) The computer program product of the claim 23, wherein 
if the packet of data does not include a synchronization message, the local server responds by one or 
more of the following: deleting the packet, retransmitting the original message to the remote entity or 
removing the state information from the second table of unverified remote entities. 

26. (Original) The computer program product of claim 22, wherein the first hash 
function is also a cryptographically secured hash function, and wherein the first and second hash 
functions are one of hardware based or software based. 
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27. (Previously Presented) The computer program product of claim 22, wherein 
when state information for the remote entity does not exist in either the first table of verified remote 
entities or the second table of unverified remote entities, and wherein the server is a listener that may 
accept the package of data from the remote entity, the method further comprising the acts of: 

creating state information for the remote entity within the second table of unverified remote 
entities; and 

sending a synchronization-acknowledgement packet that includes an initial sequence number 
to the remote entity. 

28. (Previously Presented) The computer program product of claim 22, wherein 
when state information for the remote entity does not exist in either the first table of verified remote 
entities or the second table of unverified remote entities, and the server is not a listener that may 
accept the package of data from the remote entity, the method further comprises the act of: 

sending a reset command to the remote entity for indicating that the packet was not verifiable 
and needs to be resent. 
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29. (Previously Presented) For a local server that receives data from one or more 
remote entities over a data transport protocol, a computer program product comprising computer 
readable storage media storing computer executable instructions that implement the method recited in 
claim 12. 

30. (Previously Presented) The computer program product of claim 29, wherein 
when the state information exists in the second table of unverified remote entities, but the remote 
entity cannot be verified, the method further comprises the act of: 

checking if the packet includes a synchronization message for determining how to respond to 
the unverified remote entity. 

3 1 . (Original) The computer program product of the claim 30, wherein if the packet of 
data includes a synchronization message, the local server responds by either sending a 
synchronization-acknowledgement packet or by deleting the packet. 

32. (Previously Presented) The computer program product of the claim 30, wherein 
if the packet of data does not include a synchronization message, the local server responds by one or 
more of the following: deleting the packet, retransmitting the original message to the remote entity or 
removing the state information from the second table of unverified remote entities. 

33. (Cancelled) 

34. (Original) The computer program product of claim 33, wherein the first hash 
function is also a cryptographically secured hash function, and wherein the first and second hash 
functions are one of either hardware based or software based. 
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35. (Previously Presented) The computer program product of claim 29, wherein 
when state information does not exist in either the first table of verified remote entities or the second 
table of unverified remote entities, and wherein the step for determining when state information for 
the remote entity should be created in the second table of unverified remote entities includes the act of 
checking whether the local server is a listener that may accept the package of data from the remote 
entity, the method further comprising the acts of: 

creating state information for the remote entity within the second table of unverified remote 
entities; and 

sending a synchronization-acknowledgement packet that includes an initial sequence number 
to the remote entity. 

36. (Previously Presented) The computer program product of claim 29, wherein 
when state information does not exist in either the first table of verified remote entities or the second 
table of unverified remote entities, the step for determining if state information for the remote entity 
should be created in the second table of unverified remote entities includes the act of checking 
whether the local server is a listener that may accept the package of data from the remote entity, and 
wherein the server is not a listener that may accept the package of data from the remote entity, the 
method further comprises the act of: 

sending a reset command to the remote entity for indicating that the packet was not verifiable 
and needs to be resent. 

37. (Original) The computer program product of claim 29, wherein the remote entity 
becomes verified by sharing a secret sent to the remote entity by the local server. 
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